hi, I have a SuSE 7.0 linux box that runs as DNS, filter and gateway. The filter is quite simple. and I 'experiencing troubles... The public ip adress is 62.161.161.253, and the internal lan is nat'ed and use the 192.168.0.x adresses. The computers from the lan can see almost all the internet except the sites that have ip's beginning with 62.*... What can be the trouble ?.... here's the filter i use. #!/bin/sh echo 1 > /proc/sys/net/ipv4/ip_forward /sbin/ipchains -F forward /sbin/ipchains -P forward DENY route add -net 62.161.161.192 netmask 255.255.255.224 gw 62.161.161.222 tr0:0 route add 192.168.0.3 gw 62.161.161.253 route add default gw 62.161.161.254 /sbin/ipchains -A forward -s 0.0.0.0/0.0.0.0 -d 62.161.161.194/255.255.255.255 -j ACCEPT /sbin/ipchains -A forward -s 0.0.0.0/0.0.0.0 -d 62.161.161.195/255.255.255.255 -j ACCEPT /sbin/ipchains -A forward -s 62.161.161.194/255.255.255.255 -d 0.0.0.0/0.0.0.0 -j ACCEPT /sbin/ipchains -A forward -s 62.161.161.195/255.255.255.255 -d 0.0.0.0/0.0.0.0 -j ACCEPT /sbin/ipchains -A forward -s 192.168.0.0/255.255.0.0 -d 0.0.0.0/0.0.0.0 -j MASQ TIA Stephane Parenton